Lucene search
HistoryDec 10, 2013 - 4:55 p.m.
CVE-2013-3710
suse lifecycle management server
slms
cve-2013-3710
security
vulnerability
cryptographic protection
remote attackers
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
76.9%
SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere.
Affected configurations
Node
novellsuse_lifecycle_management_serverRange≤1.3
ORnovellsuse_lifecycle_management_serverMatch1.0
ORnovellsuse_lifecycle_management_serverMatch1.1
ORnovellsuse_lifecycle_management_serverMatch1.2
Related
prion
prion
Information disclosure
2013-12-10 16:55:00
cvelist
cvelist
CVE-2013-3710
2013-12-10 15:00:00
nvd
nvd
CVE-2013-3710
2013-12-10 16:55:25
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
76.9%
Related for CVE-2013-3710